Skip to main content

CVE-2018-15515

Severity High
Score 7.8/10

Summary

The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges.

  • LOW
  • LOCAL
  • HIGH
  • UNCHANGED
  • NONE
  • LOW
  • HIGH
  • HIGH

References

Advisory Timeline

  • Published